vgxness 0.1.0

package/dist/agents/repositories/agents.js

@@ -0,0 +1,185 @@
+import { randomUUID } from 'node:crypto';
+export class AgentRepository {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    register(input) {
+        const validation = validate(input);
+        if (!validation.ok)
+            return validation;
+        const parentValidation = input.mode === 'subagent' ? this.validateParent(input) : ok(undefined);
+        if (!parentValidation.ok)
+            return parentValidation;
+        const result = this.db.transaction(() => {
+            const existing = this.findByNaturalKey(input.project, input.scope, input.name);
+            if (existing !== undefined && existing.mode !== input.mode) {
+                throw new AgentRegistryValidationError(`Agent already exists as ${existing.mode}: ${input.project}/${input.scope}/${input.name}`);
+            }
+            const id = existing?.id ?? randomUUID();
+            const now = new Date().toISOString();
+            const parameters = toRowParameters(input, id, existing?.created_at ?? now, now);
+            this.db.connection.prepare(`
+        INSERT INTO agents(id, project, scope, mode, name, description, instructions_json, capabilities_json, permissions_json, memory_json, workflows_json, skills_json, adapters_json, parent_agent_id, created_at, updated_at)
+        VALUES (@id, @project, @scope, @mode, @name, @description, @instructionsJson, @capabilitiesJson, @permissionsJson, @memoryJson, @workflowsJson, @skillsJson, @adaptersJson, @parentAgentId, @createdAt, @updatedAt)
+        ON CONFLICT(project, scope, name) DO UPDATE SET
+          mode=excluded.mode,
+          description=excluded.description,
+          instructions_json=excluded.instructions_json,
+          capabilities_json=excluded.capabilities_json,
+          permissions_json=excluded.permissions_json,
+          memory_json=excluded.memory_json,
+          workflows_json=excluded.workflows_json,
+          skills_json=excluded.skills_json,
+          adapters_json=excluded.adapters_json,
+          parent_agent_id=excluded.parent_agent_id,
+          updated_at=excluded.updated_at
+      `).run(parameters);
+            const found = this.getById(id);
+            if (!found.ok)
+                throw new Error(found.error.message);
+            return found.value;
+        });
+        if (!result.ok && result.error.cause instanceof AgentRegistryValidationError) {
+            return validationFailure(result.error.cause.message);
+        }
+        return result;
+    }
+    getById(id) {
+        try {
+            const row = this.db.connection.prepare('SELECT * FROM agents WHERE id=?').get(id);
+            return row ? ok(map(row)) : missing(`Agent not found: ${id}`);
+        }
+        catch (cause) {
+            return fail('Failed to read agent', cause);
+        }
+    }
+    getByName(project, scope, name) {
+        try {
+            const row = this.findByNaturalKey(project, scope, name);
+            return row ? ok(map(row)) : missing(`Agent not found: ${project}/${scope}/${name}`);
+        }
+        catch (cause) {
+            return fail('Failed to read agent by name', cause);
+        }
+    }
+    list(filters = {}) {
+        try {
+            const where = [];
+            const parameters = {};
+            for (const [key, column] of [['project', 'project'], ['scope', 'scope'], ['mode', 'mode'], ['parentAgentId', 'parent_agent_id']]) {
+                const value = filters[key];
+                if (value !== undefined) {
+                    where.push(`${column}=@${key}`);
+                    parameters[key] = value;
+                }
+            }
+            const rows = this.db.connection.prepare(`
+        SELECT * FROM agents
+        ${where.length ? `WHERE ${where.join(' AND ')}` : ''}
+        ORDER BY name ASC
+      `).all(parameters);
+            return ok(rows.map((row) => toSummary(map(row))));
+        }
+        catch (cause) {
+            return fail('Failed to list agents', cause);
+        }
+    }
+    findByNaturalKey(project, scope, name) {
+        return this.db.connection.prepare('SELECT * FROM agents WHERE project=? AND scope=? AND name=?').get(project, scope, name);
+    }
+    validateParent(input) {
+        if (input.parentAgentId === undefined)
+            return validationFailure('Subagents require parentAgentId');
+        const parent = this.getById(input.parentAgentId);
+        if (!parent.ok)
+            return validationFailure(parent.error.message);
+        if (parent.value.mode !== 'agent')
+            return validationFailure('Subagent parent must be an agent');
+        if (parent.value.project !== input.project || parent.value.scope !== input.scope)
+            return validationFailure('Subagent parent must share project and scope');
+        return ok(undefined);
+    }
+}
+function validate(input) {
+    if (!input.project.trim())
+        return validationFailure('Agent project is required');
+    if (!input.name.trim())
+        return validationFailure('Agent name is required');
+    if (!input.description.trim())
+        return validationFailure('Agent description is required');
+    if (!input.instructions.value.trim())
+        return validationFailure('Agent instructions are required');
+    if (input.mode === 'agent' && input.parentAgentId !== undefined)
+        return validationFailure('Top-level agents cannot have parentAgentId');
+    return ok(undefined);
+}
+function toRowParameters(input, id, createdAt, updatedAt) {
+    return {
+        id,
+        project: input.project,
+        scope: input.scope,
+        mode: input.mode,
+        name: input.name,
+        description: input.description,
+        instructionsJson: JSON.stringify(input.instructions),
+        capabilitiesJson: JSON.stringify(input.capabilities ?? []),
+        permissionsJson: JSON.stringify(input.permissions ?? {}),
+        memoryJson: JSON.stringify(input.memory ?? { scopes: [] }),
+        workflowsJson: JSON.stringify(input.workflows ?? []),
+        skillsJson: JSON.stringify(input.skills ?? []),
+        adaptersJson: JSON.stringify(input.adapters ?? {}),
+        parentAgentId: input.parentAgentId ?? null,
+        createdAt,
+        updatedAt,
+    };
+}
+function map(row) {
+    const value = {
+        id: row.id,
+        project: row.project,
+        scope: row.scope,
+        mode: row.mode,
+        name: row.name,
+        description: row.description,
+        instructions: JSON.parse(row.instructions_json),
+        capabilities: JSON.parse(row.capabilities_json),
+        permissions: JSON.parse(row.permissions_json),
+        memory: JSON.parse(row.memory_json),
+        workflows: JSON.parse(row.workflows_json),
+        skills: JSON.parse(row.skills_json),
+        adapters: JSON.parse(row.adapters_json),
+        createdAt: row.created_at,
+        updatedAt: row.updated_at,
+    };
+    if (row.parent_agent_id !== null)
+        value.parentAgentId = row.parent_agent_id;
+    return value;
+}
+function toSummary(agent) {
+    const value = {
+        id: agent.id,
+        project: agent.project,
+        scope: agent.scope,
+        mode: agent.mode,
+        name: agent.name,
+        description: agent.description,
+        capabilities: agent.capabilities,
+        createdAt: agent.createdAt,
+        updatedAt: agent.updatedAt,
+    };
+    if (agent.parentAgentId !== undefined)
+        value.parentAgentId = agent.parentAgentId;
+    return value;
+}
+function ok(value) { return { ok: true, value }; }
+function missing(message) { return { ok: false, error: { code: 'not_found', message } }; }
+function validationFailure(message) { return { ok: false, error: { code: 'validation_failed', message } }; }
+function fail(message, cause) {
+    const error = { code: 'validation_failed', message };
+    if (cause !== undefined)
+        error.cause = cause;
+    return { ok: false, error };
+}
+class AgentRegistryValidationError extends Error {
+}

package/dist/agents/repositories/manager-profile-overlays.js

@@ -0,0 +1,81 @@
+import { randomUUID } from 'node:crypto';
+export class ManagerProfileOverlayRepository {
+    db;
+    constructor(db) {
+        this.db = db;
+    }
+    save(input) {
+        const validation = validate(input);
+        if (!validation.ok)
+            return validation;
+        try {
+            const existing = this.find(input.project, input.scope, input.managerName);
+            const id = existing?.id ?? randomUUID();
+            const now = new Date().toISOString();
+            this.db.connection.prepare(`
+        INSERT INTO manager_profile_overlays(id, project, scope, manager_name, instructions, created_at, updated_at)
+        VALUES (@id, @project, @scope, @managerName, @instructions, @createdAt, @updatedAt)
+        ON CONFLICT(project, scope, manager_name) DO UPDATE SET
+          instructions=excluded.instructions,
+          updated_at=excluded.updated_at
+      `).run({
+                id,
+                project: input.project.trim(),
+                scope: input.scope,
+                managerName: input.managerName.trim(),
+                instructions: input.instructions.trim(),
+                createdAt: existing?.created_at ?? now,
+                updatedAt: now,
+            });
+            const saved = this.get(input.project, input.scope, input.managerName);
+            if (!saved.ok)
+                return saved;
+            return saved;
+        }
+        catch (cause) {
+            return fail('Failed to save manager profile overlay', cause);
+        }
+    }
+    get(project, scope, managerName) {
+        try {
+            const row = this.find(project, scope, managerName);
+            return row === undefined ? missing(`Manager profile overlay not found: ${project}/${scope}/${managerName}`) : ok(map(row));
+        }
+        catch (cause) {
+            return fail('Failed to read manager profile overlay', cause);
+        }
+    }
+    find(project, scope, managerName) {
+        return this.db.connection.prepare('SELECT * FROM manager_profile_overlays WHERE project=? AND scope=? AND manager_name=?')
+            .get(project.trim(), scope, managerName.trim());
+    }
+}
+function validate(input) {
+    if (!input.project.trim())
+        return validationFailure('Project is required');
+    if (!input.managerName.trim())
+        return validationFailure('managerName is required');
+    if (!input.instructions.trim())
+        return validationFailure('instructions are required');
+    return ok(undefined);
+}
+function map(row) {
+    return {
+        id: row.id,
+        project: row.project,
+        scope: row.scope,
+        managerName: row.manager_name,
+        instructions: row.instructions,
+        createdAt: row.created_at,
+        updatedAt: row.updated_at,
+    };
+}
+function ok(value) { return { ok: true, value }; }
+function missing(message) { return { ok: false, error: { code: 'not_found', message } }; }
+function validationFailure(message) { return { ok: false, error: { code: 'validation_failed', message } }; }
+function fail(message, cause) {
+    const error = { code: 'validation_failed', message };
+    if (cause !== undefined)
+        error.cause = cause;
+    return { ok: false, error };
+}

package/dist/agents/schema.js

@@ -0,0 +1 @@
+export {};

package/dist/cli/dashboard-operational-read-models.js

@@ -0,0 +1,153 @@
+import { redactJsonValue, redactedPlaceholder } from '../export/redaction.js';
+import { listWorkflows } from '../workflows/workflow-registry.js';
+const noLink = 'sin vínculo disponible';
+export function dashboardCopyAction(label, command, safety = 'read-only') {
+    return { label, command, safety, copyOnly: true, executesInTui: false };
+}
+export function dashboardSafety() {
+    return { readOnly: true, copyOnly: true, providerWrites: false, providerExecution: false, modifiesDotOpencode: false, modifiesDotClaude: false, modifiesOpenSpec: false, executesWorkflow: false, executesDoctor: false };
+}
+export function buildDashboardWorkflowsReadModel(input = {}) {
+    const project = input.project ?? '<project>';
+    const workflows = listWorkflows();
+    const items = workflows.map((workflow) => {
+        const lastKnownRun = (input.runs ?? []).filter((run) => run.workflow === workflow.id).sort((a, b) => b.updatedAt.localeCompare(a.updatedAt))[0];
+        return {
+            id: workflow.id,
+            label: workflow.title,
+            description: workflow.description,
+            phase: workflow.defaultPhase,
+            mutability: workflow.mutability,
+            safetyProfile: workflow.safetyProfile,
+            requiresSddArtifacts: workflow.requiresSddArtifacts,
+            availability: 'available',
+            inputsSummary: workflow.id === 'sdd' ? '--project and --change for SDD status; --intent for explicit preview outside TUI' : '--project and --intent for explicit preview outside TUI',
+            sourceRef: 'src/workflows/workflow-registry.ts',
+            ...(lastKnownRun === undefined ? {} : { lastKnownRun: { id: lastKnownRun.id, status: lastKnownRun.status, phase: lastKnownRun.phase, updatedAt: lastKnownRun.updatedAt } }),
+            nextActions: [
+                dashboardCopyAction('Preview workflow metadata', `npm run cli -- ${workflow.id} preview --project ${project} --intent <intent>`),
+                dashboardCopyAction('Inspect workflow runs', `npm run cli -- runs list --project ${project}`),
+            ],
+        };
+    });
+    return {
+        meta: meta('workflows', 'Workflows', 'workflow registry', input.generatedAt),
+        summary: `${items.length} workflow(s) from registry; actions are copy-only and not executed by the TUI.`,
+        items,
+        ...(items.length === 0 ? { emptyState: { message: 'No workflows are registered in the workflow registry.', nextActions: [dashboardCopyAction('Inspect help', 'npm run cli -- --help')] } } : {}),
+        copyActions: [dashboardCopyAction('Inspect CLI help', 'npm run cli -- --help')],
+    };
+}
+export function buildDashboardRunsReadModel(input) {
+    const items = input.runs.map((run) => buildRunTraceItem(run, input.detailsByRunId?.[run.id], input.insightsByRunId?.[run.id]));
+    const project = input.project ?? '<project>';
+    return {
+        meta: meta('runs', 'Runs', 'run records, details, checkpoints, approvals, operation attempts', input.generatedAt),
+        summary: `${items.length} visible run(s); ${items.reduce((count, item) => count + item.relatedApprovals.length, 0)} approval(s); ${items.reduce((count, item) => count + item.relatedPreflights.length, 0)} preflight/attempt(s).`,
+        items,
+        ...(items.length === 0 ? { emptyState: { message: 'No runs are registered or visible for this project.', nextActions: [dashboardCopyAction('Inspect runs', `npm run cli -- runs list --project ${project}`)] } } : {}),
+        copyActions: [dashboardCopyAction('Inspect runs', `npm run cli -- runs list --project ${project}`)],
+    };
+}
+export function buildDashboardApprovalsReadModel(input) {
+    const items = input.runs.flatMap((run) => approvalItemsForRun(run, input.detailsByRunId?.[run.id]));
+    items.sort((a, b) => (a.status === 'pending' ? 0 : 1) - (b.status === 'pending' ? 0 : 1) || (b.createdAt ?? '').localeCompare(a.createdAt ?? ''));
+    const project = input.project ?? '<project>';
+    return {
+        meta: meta('approvals', 'Approvals', 'run approvals and operation attempts', input.generatedAt),
+        summary: `${items.filter((item) => item.status === 'pending').length} pending; ${items.length} pending/recent approval or preflight item(s).`,
+        items,
+        ...(items.length === 0 ? { emptyState: { message: 'No pending or recent approvals/preflights are visible for this project.', nextActions: [dashboardCopyAction('Inspect approvals', `npm run cli -- approvals list --project ${project}`)] } } : {}),
+        copyActions: [dashboardCopyAction('Inspect approvals', `npm run cli -- approvals list --project ${project}`)],
+    };
+}
+export function redactDashboardValue(value) {
+    return redactJsonValue(value);
+}
+function meta(screen, title, source, generatedAt = new Date().toISOString()) {
+    return { screen, title, generatedAt, source, redactionsApplied: [redactedPlaceholder], safety: dashboardSafety() };
+}
+function buildRunTraceItem(run, details, insights) {
+    const checkpoints = details?.checkpoints ?? [];
+    const lastCheckpoint = checkpoints.at(-1);
+    const approvals = details?.approvals ?? [];
+    const attempts = details?.operationAttempts ?? [];
+    const relatedApprovals = approvals.map((approval) => {
+        const attempt = attempts.find((candidate) => candidate.approvalId === approval.id || candidate.decisionEventId === approval.decisionEventId);
+        return { id: approval.id, status: approval.status, ...(attempt === undefined ? {} : { category: attempt.category, operation: attempt.operation }) };
+    });
+    const relatedPreflights = attempts.map((attempt) => ({ id: attempt.id, status: attempt.status, category: attempt.category, operation: attempt.operation, riskFlags: riskFlags(attempt) }));
+    return {
+        runId: run.id,
+        project: run.project,
+        workflow: run.workflow,
+        phase: run.phase,
+        status: run.status,
+        ...(run.outcome === undefined ? {} : { outcome: run.outcome }),
+        ...(run.outcomeReason === undefined ? {} : { outcomeReason: safeText(run.outcomeReason) }),
+        selectedAgentId: run.selectedAgentId,
+        model: run.model,
+        createdAt: run.createdAt,
+        updatedAt: run.updatedAt,
+        ...(run.completedAt === undefined ? {} : { completedAt: run.completedAt }),
+        ...(lastCheckpoint === undefined ? {} : { lastCheckpoint: { id: lastCheckpoint.id, label: lastCheckpoint.label, createdAt: lastCheckpoint.createdAt, stateSummary: summarizeJson(lastCheckpoint.state) } }),
+        checkpointsSummary: checkpoints.length === 0 ? noLink : `${checkpoints.length} checkpoint(s); latest ${lastCheckpoint?.label ?? 'unknown'}`,
+        relatedApprovals,
+        relatedPreflights,
+        blockers: insights?.resumePlan.blockers.map((blocker) => `${blocker.code}: ${safeText(blocker.message)}`) ?? [],
+        latestTimeline: insights?.timeline.slice(-3).map((entry) => `${entry.type}: ${safeText(entry.label)}`) ?? [],
+        nextActions: [dashboardCopyAction('Inspect run', `npm run cli -- runs get --id ${run.id}`), dashboardCopyAction('Inspect timeline', `npm run cli -- runs timeline --id ${run.id}`), dashboardCopyAction('Inspect resume plan', `npm run cli -- runs resume-inspect --id ${run.id}`)],
+    };
+}
+function approvalItemsForRun(run, details) {
+    if (details === undefined)
+        return [];
+    const approvalItems = details.approvals.map((approval) => {
+        const attempt = details.operationAttempts.find((candidate) => candidate.approvalId === approval.id || candidate.decisionEventId === approval.decisionEventId);
+        return {
+            id: approval.id,
+            kind: 'approval',
+            runId: run.id,
+            category: attempt?.category ?? 'unknown',
+            operation: attempt?.operation ?? 'unknown',
+            status: approval.status,
+            riskFlags: attempt === undefined ? [] : riskFlags(attempt),
+            reason: safeText(approval.resolutionReason ?? (approval.status === 'pending' ? 'Awaiting explicit decision outside TUI.' : 'No reason recorded.')),
+            agent: run.selectedAgentId,
+            createdAt: approval.requestedAt,
+            updatedAt: approval.resolvedAt ?? approval.requestedAt,
+            nextActions: [dashboardCopyAction('Inspect run approvals', `npm run cli -- runs approvals --run-id ${run.id}`), dashboardCopyAction('Inspect resume gate', `npm run cli -- runs resume-gate --approval ${approval.id}`)],
+        };
+    });
+    const preflightItems = details.operationAttempts.map((attempt) => ({
+        id: attempt.id,
+        kind: 'preflight',
+        runId: run.id,
+        category: attempt.category,
+        operation: attempt.operation,
+        status: attempt.status,
+        riskFlags: riskFlags(attempt),
+        reason: summarizeJson(attempt.operationMetadata),
+        agent: attempt.executorName,
+        createdAt: attempt.reservedAt,
+        updatedAt: attempt.updatedAt,
+        nextActions: [dashboardCopyAction('Inspect run', `npm run cli -- runs get --id ${run.id}`), dashboardCopyAction('Evaluate retry', `npm run cli -- runs retry-check --approval ${attempt.approvalId ?? '<approval-id>'}`)],
+    }));
+    return [...approvalItems, ...preflightItems];
+}
+function riskFlags(attempt) {
+    const metadata = redactDashboardValue(attempt.operationMetadata);
+    if (typeof metadata !== 'object' || metadata === null || Array.isArray(metadata))
+        return [];
+    return ['destructive', 'external', 'privileged', 'ambiguous', 'sandboxStrategy']
+        .filter((key) => Object.prototype.hasOwnProperty.call(metadata, key))
+        .map((key) => `${key}=${String(metadata[key])}`);
+}
+function summarizeJson(value) {
+    const redacted = redactDashboardValue(value);
+    const rendered = typeof redacted === 'string' ? redacted : JSON.stringify(redacted);
+    return safeText(rendered).slice(0, 180);
+}
+function safeText(value) {
+    return redactJsonValue(value).replaceAll(/\s+/g, ' ').trim();
+}

package/dist/cli/dashboard-renderer.js

@@ -0,0 +1,109 @@
+import { renderSetupStatus, setupNeedsAction } from './setup-status-renderer.js';
+export function renderDashboard(view) {
+    return [
+        'VGXNESS Dashboard',
+        '',
+        renderProject(view),
+        '',
+        renderLatestRuns(view.runs),
+        '',
+        renderSelectedRun(view.selectedRun, view.selectedRunInsights),
+        '',
+        renderSetup(view.setup),
+        '',
+        renderSdd(view.sdd, view.project),
+        '',
+        renderNextDecision(view),
+        '',
+        renderSafetyBoundary(),
+        '',
+    ].join('\n');
+}
+function renderSetup(setup) {
+    return setup === undefined ? ['Setup Status', '- Setup lifecycle status unavailable. Run `setup status` for JSON details.'].join('\n') : renderSetupStatus(setup);
+}
+function renderProject(view) {
+    return ['Project', `- Name: ${view.project}`, `- Store: ${view.databasePath}`].join('\n');
+}
+function renderLatestRuns(runs) {
+    if (runs.length === 0)
+        return ['Latest Runs', '- No runs found for this project.'].join('\n');
+    return ['Latest Runs', ...runs.map((run) => `- ${run.id}: ${run.status} ${run.workflow}/${run.phase} — ${run.userIntent}`)].join('\n');
+}
+function renderSelectedRun(run, insights) {
+    if (run === undefined)
+        return ['Selected Run', '- No run selected. Pass --run-id <id> for details.'].join('\n');
+    const lines = [
+        'Selected Run',
+        `- ID: ${run.id}`,
+        `- Status: ${run.status}`,
+        `- Intent: ${run.userIntent}`,
+        `- Events: ${run.events.length}`,
+        `- Checkpoints: ${run.checkpoints.length}`,
+        `- Approvals: ${run.approvals.length}`,
+        `- Operation attempts: ${run.operationAttempts.length}`,
+    ];
+    if (insights !== undefined)
+        lines.push('', renderRunInsights(insights));
+    return lines.join('\n');
+}
+function renderRunInsights(insights) {
+    const lines = [
+        'Run Insights',
+        `- Debug: ${insights.debug.cause} — ${insights.debug.summary}`,
+        `- Recommended action: ${insights.debug.recommendedAction}`,
+        `- Resume plan: ${renderResumePlan(insights.resumePlan)}`,
+    ];
+    if (insights.resumePlan.blockers.length > 0)
+        lines.push(`- Blockers: ${insights.resumePlan.blockers.map((blocker) => `${blocker.code} — ${blocker.message}`).join('; ')}`);
+    const latestTimeline = insights.timeline.slice(-3).map((entry) => `${entry.type}: ${entry.label}`);
+    if (latestTimeline.length > 0)
+        lines.push('- Latest timeline:', ...latestTimeline.map((entry) => `  - ${entry}`));
+    return lines.join('\n');
+}
+function renderResumePlan(plan) {
+    if (plan.resumable && plan.latestCheckpoint !== undefined)
+        return `manual review eligible from checkpoint ${plan.latestCheckpoint.id}`;
+    return 'blocked or unavailable';
+}
+function renderSdd(sdd, project) {
+    if (sdd === undefined)
+        return ['SDD Change', '- No change selected. Pass --change <id> to inspect workflow state.'].join('\n');
+    const present = sdd.status.phases.filter((phase) => phase.present).map((phase) => phase.phase);
+    if (present.length === 0) {
+        return ['SDD Change', `- Change ${sdd.change} cannot be found yet. Pass --change <id> after saving SDD artifacts.`].join('\n');
+    }
+    const lines = [
+        'SDD Change',
+        `- Change: ${sdd.change}`,
+        `- Present: ${present.join(', ')}`,
+        `- Missing: ${sdd.status.phases.filter((phase) => !phase.present).map((phase) => phase.phase).join(', ') || 'none'}`,
+    ];
+    if (sdd.status.nextReadyPhase !== undefined)
+        lines.push(`- Next ready phase: ${sdd.status.nextReadyPhase}`);
+    if (sdd.readiness !== undefined && !sdd.readiness.ready)
+        lines.push(`- Missing prerequisites: ${sdd.readiness.missingArtifactTopicKeys.join(', ')}`);
+    lines.push(`- Inspect with: sdd status --project ${project} --change ${sdd.change}`);
+    return lines.join('\n');
+}
+function renderNextDecision(view) {
+    if (view.setup !== undefined && setupNeedsAction(view.setup)) {
+        return ['Next Decision', `- Resolve setup first with \`${view.setup.nextAction.command}\`: ${view.setup.nextAction.reason}.`].join('\n');
+    }
+    const sddNext = view.sdd?.status.nextReadyPhase;
+    const hasSddArtifacts = (view.sdd?.status.phases.some((phase) => phase.present) ?? false);
+    if (view.sdd !== undefined && hasSddArtifacts && sddNext !== undefined) {
+        return ['Next Decision', `- Continue SDD workflow with \`sdd ready --project ${view.project} --change ${view.sdd.change} --phase ${sddNext}\`.`].join('\n');
+    }
+    if (view.selectedRun !== undefined)
+        return ['Next Decision', '- Inspect selected run events, checkpoints, approvals, or operation attempts.'].join('\n');
+    if (view.runs.length === 0)
+        return ['Next Decision', '- Create a run or pass --change <id> to inspect SDD state.'].join('\n');
+    return ['Next Decision', '- Select a run with --run-id <id> or pass --change <id> for workflow readiness.'].join('\n');
+}
+function renderSafetyBoundary() {
+    return [
+        'Safety Boundary',
+        '- Read-only dashboard: no preflight, provider execution, shell execution, config writes, workers, sandbox, worktree, or OpenSpec writes.',
+    ].join('\n');
+}